[hash872]

If encryption keys are stored in a country where the company is required, by law or by force, to turn them over to authorities upon request then that should be noted. And yes that includes the US to a lesser degree.

When people say 'the server with the encryption keys is physically located in China, and they have many Chinese employees', the subtext that we should all know at this point is that they're required by Chinese law to turn everything over to the authorities. We have hard evidence & beyond hard evidence of this, so it's kind of assumed that educated people are aware of this. And yes the same goes for say US telecom companies having legally mandated backdoors & the US government exploiting this to conduct unauthorized surveillance or even just purely commercial spying, it's well-documented, everyone should know this. So in the future someone can say 'this telecom company is US-based' and we can all understand the subtext.

So it's OK to just say 'the servers are in China' and we should all know what that means, at this point. TLDR- it's OK to have priors